Michigan State Politicians Looking Into Sheriff Department's Use Of A Cell Tower Spoofer

from the 'we-haven't-discussed-it-because-9/11' dept

More news has surfaced of cell tower spoofers being deployed without the public's knowledge. This time it's the Oakland County (Michigan) Sheriff's Department rolling out an upgraded Stingray device from Harris Manufacturing, known as "Hailstorm." The sad thing here is that the opportunity for public input presented itself pre-rollout but local politicians slept on the issue.

Oakland County commissioners asked no questions last March before unanimously approving a cellphone tracking device so powerful it was used by the military to fight terrorists.

Now, though, some privacy advocates question why one of the safest counties in Michigan needs the super-secretive Hailstorm device that is believed to be able to collect large amounts of cellphone data, including the locations of users, by masquerading as a cell tower.

“I don’t like not knowing what it’s capable of,” said county Commissioner Jim Runestad, R-White Lake Township, who has met in recent weeks with sheriff’s officials about his concerns.

Harris, as it has been noted, heads off criticism and the impertinent questions of the public by tying up law enforcement officials with restrictive non-disclosure agreements. These NDAs have proven handy for some LEOs -- particularly in Florida where officials made the case that the restrictions of the contract prevented them from seeking warrants before using the cell tower spoofer.

State politicians are now attempting to have a belated discussion of the technology's privacy implications, thanks in part to prompting by local journalists. The Michigan House Oversight Committee brought in Christopher Soghoian, policy analyst from the ACLU and former magistrate judge Brian Owsley. (Recording embedded below.)

Soghoian's concerns aren't simply about the privacy implications or the secrecy Harris has shrouded its technology in, but also the fact that there's no way to track misuse of the equipment.

What’s particularly worrisome is there is no telltale sign they’ve been used, Soghoian said: “It doesn’t leave a trace. No one would ever catch you.” That means no one would know if police misused the device or activated it without a warrant, Soghoian said.

Owsley, in his statement to the committee, noted that the first time discussion of this technology occurred in his courtroom, it was presented by law enforcement as something along the lines of a pen register. As Owsley points, all it takes in most cases to get a pen register granted is a pulse. As long as both the magistrate judge and the law enforcement official are technically alive, the pen register will be signed off on.

That law enforcement portrayed cell tower spoofing in this fashion is no surprise, since it gives them the greatest chance of securing permission to deploy it. (The NSA/FBI did the same thing in order to push through its bulk phone metadata program.) Unlike regular pen registers, however, Stingrays/Hailstorms are deployed in cases where law enforcement may not even have a known phone number. Instead, they may be working off a list of numbers potentially tied to the subject of their investigation, or are just waiting for communications to originate from a certain location.

Now that the technology is finally being questioned, representatives of the Oakland County Sheriff's Department are stepping up to defend their acquisition.

Undersheriff Michael McCabe said, “Hailstorm helps us capture fugitives from the law, people wanted for murder and rape” and can be used only with a search warrant. He said the federal Homeland Security Act bars him from discussing Hailstorm, but he elaborated at length about what it doesn’t do.

Interestingly, McCabe cites the Homeland Security Act as prohibiting discussion, rather than the manufacturer's restrictive NDA. The county also cited "homeland security" terminology in its refusal to release requested documents about the Hailstorm device.

The county denied The News’ Freedom of Information Act request, saying the information is protected by anti-terror laws and includes “investigating records compiled for law enforcement purposes that would disclose law enforcement investigative techniques or procedures.”

Law enforcement officials in one of the safest counties in Michigan are conjuring up terrorism as an excuse for deploying a questionable device, as well as to avoid having to answer any tough questions about its capabilities or usage.

Undersheriff McCabe claims the device is used to go after "people wanted for murder and rape," while simultaneously claiming the DHS won't allow the department to talk about its non-terrorist-related use. He also claims it's not used without a warrant, a statement the county itself isn't allowing anyone to verify. (Among the documents requested were returned warrants on closed cases.) The Sheriff's Department refuses to discuss the technology (other than to highlight how great it is at catching bad guys) or back up its statements with documentation and somehow expects the public to be just fine with all of this. With state politicians now looking into its Hailstorm usage, the normal combination of obfuscation and bluster likely won't keep these details secret for much longer.

Did they offer up the evidence in the cases where they caught all of these alleged bad guys?Or is this another one of those times where we had to buy something, so we keep getting the same money so buy it and sort it out later moments?

Or are we using secret machines, to gather secret evidence, that is so secret we can't reveal anything about it keeping it from view?Secret courts, secret laws, secret evidence...Not sure but I think they might have lost sight of what they claim to be protecting.

Re:

I wonder if cell tower spoofers also affect 3g/4g as well. My cell provider usually blocks VPN use, but there is one place where I can connect to the VPN on my home computer. Could that be a cell tower spoofer somewhere?

Oakland one of the 'safest counties'?

Hm... as much as I have my reservations about these devices, I have more reservations on statements like Oakland County being one of the most safest counties in the country, given that I worked in Pontiac, Michigan for a few years:

What business to law enforcement officers have signing non-disclosures? This shouldn't even be allowed. They are in positions in which they should be REQUIRED to disclose the capabilities of their people and equipment to the public they are supposed to serve.

Ultimately I have no problem with Stingray

It is a great tool that when properly used can help locate wanted individuals.So why are LEOs so vehemently against sharing information about their usage? Are they just that afraid of public backlash that they will be forced to stop using them? That seems to be the only logical answer I can think of.Ultimately Politicians need to actually do their jobs and force LEOs to properly follow the law.

Re: Ultimately I have no problem with Stingray

LEO don't want to talk about it for the same reason the military doesn't talk about their technology systems too much either - they don't want the other side to get smarter.

If the criminal element comes to understand that having a phone, even a burner phone, in their possession is enough to build a case against them, then they will perhaps shy away from the technology. It's just like the old time mafia types who came to understand that their phones would be tapped, so they would make arrangements to use the neighbors phone, or to go to a payphone to make important calls, so that they could not easily be implicated.

Stingraym when used carefully, can potentially provide information that would make the difference in criminal cases. I can't say that I am against the police having it. That it could be used for bad things doesn't cause me much concern, these guys have guns, mace, tasers, and computers capable of doing just as much harm if not more if used improperly.

Re:

more evidence of the 'police state'! when are people going to start demanding this sort of thing is stopped, for good?? scooping up all information on everybody may well expose a little piece about some criminal, some fugitive, but it isn't very good for all the others that are trawled into the net at the same time. on top of that, how long is this 'irrelevant information' retained?

Re: Re: Ultimately I have no problem with Stingray

If the criminal element comes to understand that having a phone, even a burner phone, in their possession is enough to build a case against them, then they will perhaps shy away from the technology.

Unless they have been living under a rock, in a deep cave, the bad guys already know that. What they do not know is when and where such devices are used.What the public does not know is what is actually captured, and it is possible that the devices record everything while they are in use, which the public could find to be a huge problem.

Re:

1. so-o-o-o, we are supposed to 'trust' LEO's who lie with impunity, even over things they aren't allowed to lie about ? ? ?gee, that sounds about right...2. so-o-o-o, they are the ONLY group of LEOs who can be trusted to NOT abuse this technology that has no record or other means of restricting or monitoring its use ? ? ?maybe we need to start a company that makes gizmos to monitor police state monitoring equipment...bet THAT would go over real big...

Re: Re:

Hint for Android users:

1. Type *#*#INFO#*#* on the dialer. When you hit the last *, it will open a secret debug screen.2. Chose the first option (phone information). On it, one of the first items is a list of phone modes. Select "WCDMA only".3. Now your phone is configured to use 3G only. Be careful: if you turn off your phone, you have to do it all again after you turn it on. Also note that this is the same setting as the "GSM only" option you can find on the normal settings, so if you ever enable "GSM only", it will forget your "WCDMA only" choice.

If you are using the "WCDMA only" mode (or other similar modes like LTE only), your phone cannot be forced into 2G GSM.

From what I've heard, 3G also authenticates the tower. 2G only authenticates the phone, which is why they would want to force the phone to 2G. Not that it matters much; AFAIK, even the newer crypto used by 3G has already been broken.

Re: Ultimately I have no problem with Stingray

"Ultimately Politicians need to actually do their jobs and force LEOs to properly follow the law."

Oh okay, just that one little thing and then it's cool?

...other than that, how was the play Mrs. Lincoln?

The politicians aren't doing their jobs. And arguably, since LE is responsible for public safety - and secret, warrantless mass surveillance with little-to-no adversarial oversight will certainly be abused to the detriment of said public - neither are the LEOs. And let's not forget the public's responsibility to participate in their own defense.

So, ultimately, you have a looooong way to go until you have no problem with Stingray.

Re:

Re:

Of course the companies who developed this stuff want to find a reliable civilian market. They can't run a business just on the basis of a few peak years when the US is actively pursuing a foreign war. They need annual cash flow from sales to police departments.